Crimeware

Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection

By Aleksandar Milenkoski and Jim Walter

Partially encrypting victims' files improves ransomware speed and aids evasion. First seen in LockFile, the technique is now being widely adopted.

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.

Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts 

Crimeware vendors say 'macros are dead', but they have a new weapon to help threat actors successfully deploy malware.

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging a legitimate VMware logging command-line utility.

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.

Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp

What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?

BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims

With victims in the US, Australia and India, BlackCat is a new RaaS making a big impact. Learn more about this unique ransomware's behavior and IoCs.

New Rook Ransomware Feeds Off the Code of Babuk

Built on code scavenged from the Babuk leak, Rook claimed a bank as its first victim, along with the theft of 1123 GB of data. Learn more about this new ransomware operator.
